CVE-2023-1513

Published: Mar 23, 2023

Modified: Feb 25, 2025

PUBLISHED

Description

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.

Vendor	Product	Versions
n/a	Linux kernel (KVM)	affected `Fixed in kernel 6.2`

Weaknesses (CWE)

CWE-665

References

https://bugzilla.redhat.com/show_bug.cgi?id=2179892

https://lore.kernel.org/kvm/20230214103304.3689213-1-gregkh%40linuxfoundation.org/

https://github.com/torvalds/linux/commit/2c10b61421a28e95a46ab489fd56c0f442ff6952

[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update

mailing-list

[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-1513

Description

Affected Products

Weaknesses (CWE)

References